Hi all,
While looking at the patch to support reload of SSL parameters, I have
noticed that the following SSL parameters are not mentioned as
parameters that can only be set at server start:
- ssl_ciphers
- ssl_ecdh_curve
- ssl_prefer_server_ciphers
Attached is a patch to correct the documentation.
Thanks,
--
Michael
diff --git a/doc/src/sgml/config.sgml b/doc/src/sgml/config.sgml
index adab2f8..66d7f75 100644
--- a/doc/src/sgml/config.sgml
+++ b/doc/src/sgml/config.sgml
@@ -1048,7 +1048,8 @@ include_dir 'conf.d'
in the <application>OpenSSL</> package for the syntax of this setting
and a list of supported values. The default value is
<literal>HIGH:MEDIUM:+3DES:!aNULL</>. It is usually reasonable,
- unless you have specific security requirements.
+ unless you have specific security requirements. This parameter can only
+ be set at server start.
</para>
<para>
@@ -1120,7 +1121,8 @@ include_dir 'conf.d'
<listitem>
<para>
Specifies whether to use the server's SSL cipher preferences, rather
- than the client's. The default is true.
+ than the client's. The default is true. This parameter can only be
+ set at server start.
</para>
<para>
@@ -1144,7 +1146,8 @@ include_dir 'conf.d'
Specifies the name of the curve to use in <acronym>ECDH</> key
exchange. It needs to be supported by all clients that connect.
It does not need to be same curve as used by server's Elliptic
- Curve key. The default is <literal>prime256v1</>.
+ Curve key. The default is <literal>prime256v1</>. This parameter
+ can only be set at server start.
</para>
<para>
--
Sent via pgsql-docs mailing list ([email protected])
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-docs
